summaryrefslogtreecommitdiff
path: root/users/test
diff options
context:
space:
mode:
Diffstat (limited to 'users/test')
-rw-r--r--users/test/factories.rb4
-rw-r--r--users/test/functional/users_controller_test.rb77
-rw-r--r--users/test/functional/v1/users_controller_test.rb70
-rw-r--r--users/test/integration/api/account_flow_test.rb11
-rw-r--r--users/test/support/auth_test_helper.rb16
-rw-r--r--users/test/support/stub_record_helper.rb9
6 files changed, 112 insertions, 75 deletions
diff --git a/users/test/factories.rb b/users/test/factories.rb
index 6b094bd..777704b 100644
--- a/users/test/factories.rb
+++ b/users/test/factories.rb
@@ -13,7 +13,9 @@ FactoryGirl.define do
end
factory :admin_user do
- is_admin? true
+ after(:build) do |admin|
+ admin.stubs(:is_admin?).returns(true)
+ end
end
end
end
diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb
index 7f81c59..0ce5cc2 100644
--- a/users/test/functional/users_controller_test.rb
+++ b/users/test/functional/users_controller_test.rb
@@ -79,33 +79,6 @@ class UsersControllerTest < ActionController::TestCase
assert_redirected_to users_path
end
- test "should create new user" do
- user_attribs = record_attributes_for :user
- user = User.new(user_attribs)
- User.expects(:create).with(user_attribs).returns(user)
-
-
- post :create, :user => user_attribs, :format => :json
-
-
- assert_nil session[:user_id]
- assert_json_response user
- assert_response :success
- end
-
- test "should redirect to signup form on failed attempt" do
- user_attribs = record_attributes_for :user
- user_attribs.slice!('login')
- user = User.new(user_attribs)
- assert !user.valid?
- User.expects(:create).with(user_attribs).returns(user)
-
- post :create, :user => user_attribs, :format => :json
-
- assert_json_error user.errors.messages
- assert_response 422
- end
-
test "should get edit view" do
user = find_record :user
@@ -115,34 +88,6 @@ class UsersControllerTest < ActionController::TestCase
assert_equal user, assigns[:user]
end
- test "user can change settings" do
- user = find_record :user
- changed_attribs = record_attributes_for :user_with_settings
- user.expects(:attributes=).with(changed_attribs)
- user.expects(:changed?).returns(true)
- user.expects(:save).returns(true)
-
- login user
- put :update, :user => changed_attribs, :id => user.id, :format => :json
-
- assert_equal user, assigns[:user]
- assert_response 204
- assert_equal " ", @response.body
- end
-
- # Eventually, admin will be able to update some user fields
- test "admin cannot update user" do
- user = find_record :user
- changed_attribs = record_attributes_for :user_with_settings
-
- login :is_admin? => true
- put :update, :user => changed_attribs, :id => user.id, :format => :json
-
- assert_response :redirect
- assert_access_denied
-
- end
-
test "admin can destroy user" do
user = find_record :user
user.expects(:destroy)
@@ -189,20 +134,30 @@ class UsersControllerTest < ActionController::TestCase
assert_access_denied
end
- test "admin can autocomplete users" do
+ test "admin can search users" do
login :is_admin? => true
- get :index, :format => :json
+ get :index, :query => "a"
assert_response :success
assert assigns(:users)
end
- test "admin can search users" do
+ test "user cannot enable own account" do
+ user = find_record :user
+ login
+ post :enable, :id => user.id
+ assert_access_denied
+ end
+
+ test "admin can deactivate user" do
+ user = find_record :user
+ assert user.enabled?
+ user.expects(:save).returns(true)
+
login :is_admin? => true
- get :index, :query => "a"
- assert_response :success
- assert assigns(:users)
+ post :deactivate, :id => user.id
+ assert !assigns(:user).enabled?
end
end
diff --git a/users/test/functional/v1/users_controller_test.rb b/users/test/functional/v1/users_controller_test.rb
new file mode 100644
index 0000000..0d44e50
--- /dev/null
+++ b/users/test/functional/v1/users_controller_test.rb
@@ -0,0 +1,70 @@
+require 'test_helper'
+
+class V1::UsersControllerTest < ActionController::TestCase
+
+ test "user can change settings" do
+ user = find_record :user
+ changed_attribs = record_attributes_for :user_with_settings
+ user.expects(:update_attributes).with(changed_attribs)
+
+ login user
+ put :update, :user => changed_attribs, :id => user.id, :format => :json
+
+ assert_equal user, assigns[:user]
+ assert_response 204
+ assert_equal " ", @response.body
+ end
+
+ test "admin can update user" do
+ user = find_record :user
+ changed_attribs = record_attributes_for :user_with_settings
+ user.expects(:update_attributes).with(changed_attribs)
+
+ login :is_admin? => true
+ put :update, :user => changed_attribs, :id => user.id, :format => :json
+
+ assert_equal user, assigns[:user]
+ assert_response 204
+ end
+
+ test "user cannot update other user" do
+ user = find_record :user
+ login
+ put :update, :user => record_attributes_for(:user_with_settings), :id => user.id, :format => :json
+ assert_access_denied
+ end
+
+ test "should create new user" do
+ user_attribs = record_attributes_for :user
+ user = User.new(user_attribs)
+ User.expects(:create).with(user_attribs).returns(user)
+
+ post :create, :user => user_attribs, :format => :json
+
+ assert_nil session[:user_id]
+ assert_json_response user
+ assert_response :success
+ end
+
+ test "should redirect to signup form on failed attempt" do
+ user_attribs = record_attributes_for :user
+ user_attribs.slice!('login')
+ user = User.new(user_attribs)
+ assert !user.valid?
+ User.expects(:create).with(user_attribs).returns(user)
+
+ post :create, :user => user_attribs, :format => :json
+
+ assert_json_error user.errors.messages
+ assert_response 422
+ end
+
+ test "admin can autocomplete users" do
+ login :is_admin? => true
+ get :index, :query => 'a', :format => :json
+
+ assert_response :success
+ assert assigns(:users)
+ end
+
+end
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index 1698105..d4360de 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -66,8 +66,7 @@ class AccountFlowTest < RackTest
test "signup and wrong password login attempt" do
srp = SRP::Client.new @login, :password => "wrong password"
server_auth = srp.authenticate(self)
- assert_json_error login: "Not a valid username/password combination",
- password: "Not a valid username/password combination"
+ assert_json_error "base" => "Not a valid username/password combination"
assert !last_response.successful?
assert_nil server_auth["M2"]
end
@@ -78,8 +77,7 @@ class AccountFlowTest < RackTest
assert_raises RECORD_NOT_FOUND do
server_auth = srp.authenticate(self)
end
- assert_json_error login: "Not a valid username/password combination",
- password: "Not a valid username/password combination"
+ assert_json_error "base" => "Not a valid username/password combination"
assert !last_response.successful?
assert_nil server_auth
end
@@ -88,10 +86,11 @@ class AccountFlowTest < RackTest
server_auth = @srp.authenticate(self)
test_public_key = 'asdlfkjslfdkjasd'
original_login = @user.login
- put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:public_key => test_public_key, :login => 'failed_login_name'}, :format => :json
+ new_login = 'zaph'
+ put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:public_key => test_public_key, :login => new_login}, :format => :json
@user.reload
assert_equal test_public_key, @user.public_key
- assert_equal original_login, @user.login
+ assert_equal new_login, @user.login
# eventually probably want to remove most of this into a non-integration functional test
# should not overwrite public key:
put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:blee => :blah}, :format => :json
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
index c0fcf3a..555b5db 100644
--- a/users/test/support/auth_test_helper.rb
+++ b/users/test/support/auth_test_helper.rb
@@ -20,10 +20,18 @@ module AuthTestHelper
def assert_access_denied(denied = true, logged_in = true)
if denied
- assert_equal({:alert => "Not authorized"}, flash.to_hash)
- # todo: eventually probably eliminate separate conditions
- assert_redirected_to login_path if !logged_in
- assert_redirected_to root_path if logged_in
+ if @response.content_type == 'application/json'
+ assert_json_response('error' => I18n.t(:not_authorized))
+ assert_response :unprocessable_entity
+ else
+ if logged_in
+ assert_equal({:alert => I18n.t(:not_authorized)}, flash.to_hash)
+ assert_redirected_to root_url
+ else
+ assert_equal({:alert => I18n.t(:not_authorized_login)}, flash.to_hash)
+ assert_redirected_to login_url
+ end
+ end
else
assert flash[:alert].blank?
end
diff --git a/users/test/support/stub_record_helper.rb b/users/test/support/stub_record_helper.rb
index 168a827..8aa1973 100644
--- a/users/test/support/stub_record_helper.rb
+++ b/users/test/support/stub_record_helper.rb
@@ -1,15 +1,18 @@
module StubRecordHelper
- # Will expect find_by_param or find_by_id to be called on klass and
+ #
+ # We will stub find_by_param or find_by_id to be called on klass and
# return the record given.
+ #
# If no record is given but a hash or nil will create a stub based on
# that instead and returns the stub.
+ #
def find_record(factory, attribs_hash = {})
- attribs_hash.reverse_merge!(:id => Random.rand(10000).to_s)
+ attribs_hash = attribs_hash.reverse_merge(:id => Random.rand(10000).to_s)
record = stub_record factory, attribs_hash
klass = record.class
finder = klass.respond_to?(:find_by_param) ? :find_by_param : :find
- klass.expects(finder).with(record.to_param.to_s).returns(record)
+ klass.stubs(finder).with(record.to_param.to_s).returns(record)
return record
end